﻿<#
MIT License
Copyright (c) 2016 powershell-kitchen.com/ PS Cheff
http://www.powershell-kitchen.com/page/mit-license
Published on: http://powershellkitchen.com/post/protecting-your-secrets
#>

<#
 
.SYNOPSIS
 This script decrypts a string (Machine dependant). 
 
.DESCRIPTION
 This script decrypts a string. The string can only be decripted the same machine where it was encrypted. In addition it could be mapped also to the current user 
 
.EXAMPLE
 .\unprotectString.ps1 "AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAqHy1xqB8nUCG4BwKMnFnLQQAAAACAAAAAAADZgAAwAAAABAAAACr4VtJFP00Dwu/IK7BE/thAAAAAASAAACgAAAAEAAAANOjnfBVZiEWwOl55ho1xiIYAAAAC29fS+mm9ptO/yq/WypK/ys85oxQYgtoFAAAANZz7XbOmH82w6jvHiRUENH9+8r4"
 
.NOTES
 

#>
 
Param(
  [Parameter(Mandatory=$True,Position=1)]
  [string]$value,

  [switch] $userContext
)
[void] [Reflection.Assembly]::LoadWithPartialName("System.Security") 

$secretBytes  = [System.Convert]::FromBase64String($value)


if ($userContext)
{
    $result = [System.Security.Cryptography.ProtectedData]::Unprotect($secretBytes,$null,[System.Security.Cryptography.DataProtectionScope]::CurrentUser)  
}
else
{
    $result = [System.Security.Cryptography.ProtectedData]::Unprotect($secretBytes,$null,[System.Security.Cryptography.DataProtectionScope]::LocalMachine)  
}
[System.Text.UTF8Encoding]::UTF8.GetString($result)
